MUST READ

Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

 | 

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ohio’s Union County suffers ransomware attack impacting 45,000 people

 | 

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

 | 

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

Hacking

Pierluigi Paganini September 28, 2017
CISCO addressed several critical IOS flaws that expose devices to remote attacks

Cisco has released security updates for its IOS Operating System to fix more than a dozen critical and high severity vulnerabilities. Cisco has released updates for its IOS software to fix more than a dozen critical and high severity vulnerabilities that could be exploited by attackers to remotely take over company’s switches and routers. Giving […]

Pierluigi Paganini September 28, 2017
iOS apps can access metadata revealing users’ locations and much more

Developer discovered that iOS apps can read metadata revealing users’ locations and much more, a serious threat to our privacy. The developer Felix Krause, founder of Fastlane.Tools, has discovered that iOS apps can access image metadata revealing users’ location history. Krause published a detailed analysis on the Open Radar community, he explained that the app just […]

Pierluigi Paganini September 27, 2017
Google publishes PoC Exploit code for iPhone Wi-Fi Chip hack

Google disclosed details and a proof-of-concept exploit for iPhone Wi-Fi firmware vulnerability affecting Broadcom chipsets in iOS 10 and earlier. This week Google disclosed details and a proof-of-concept exploit for a Wi-Fi firmware vulnerability affecting Broadcom chipsets in iOS 10 and earlier. The flaw that was patched this week could be exploited by attackers to […]

Pierluigi Paganini September 27, 2017
Experts analyzed an Advanced ‘all in memory’ CryptoWorm

The popular security expert Marco Ramilli shared the analysis of a cryptoworm having significant capabilities, enjoy the report! Introduction. Today I want to share a nice Malware analysis having an interesting flow. The “interesting” adjective comes from the abilities the given sample owns. Capabilities of exploiting, hard obfuscations and usage of advanced techniques to steal […]

Pierluigi Paganini September 27, 2017
ZNIU, the first Android malware family to exploit the Dirty COW vulnerability

Security experts at Trend Micro have recently spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The Dirty COW vulnerability was discovered by the security expert Phil Oester in October 2016, it could be exploited by a local attacker to escalate privileges. The name ‘Dirty COW’ is due to the fact that it’s […]

Pierluigi Paganini September 26, 2017
Europol report – Cyber attacks against ATM networks on the rise

Cyber criminals are targeting ATM machines through the banks’ networks, the operations involve squads of money mules for the cashout. The Europe’s policing agency warns of a rise of cyber attacks against ATM machines. Criminal organizations are targeting ATM machines through the banks’ networks, the operations involve squads of money mules for the cashout. “The malware being used has […]

Pierluigi Paganini September 26, 2017
CBS Showtime website was spotted mining cryptocurrency in viewers’ web browsers

The websites of the CBS’s Showtime was found containing a JavaScript code that allowed someone to secretly mine cryptocurrency in viewers’ web browsers. Over the weekend,  the websites of the CBS’s Showtime were found containing a JavaScript code that allowed someone to secretly mine cryptocurrency in viewers’ web browsers. The websites Showtime.com and iShowtimeAnytime.com silently […]

Pierluigi Paganini September 26, 2017
Even More Evidence That Russian Was Meddling in the 2016 US Election

Evidence that Russian hackers attempted to interfere with the 2016 US Election continues to pile up, DHS notified states whose systems were hit by APTs. Evidence that Russia attempted to interfere with the 2016 US Election continues to pile up. Rumours started almost as soon as the 2016 US Election was completed, individuals with the White House have […]

Pierluigi Paganini September 26, 2017
Oracle releases security patches for Apache Struts CVE-2017-9805 Flaw exploited in the wild

Oracle fixed several issues in the Apache Struts 2 framework including the flaw CVE-2017-9805 that has been exploited in the wild for the past few weeks. Oracle has released patches for vulnerabilities affecting many of its products, the IT giant has fixed several issues in the Apache Struts 2 framework, including the flaw CVE-2017-9805 that has been exploited […]

Pierluigi Paganini September 25, 2017
Deloitte targeted by a cyber attack that exposed clients’ secret emails

The accountancy firm Deloitte announced it is has been targeted by a sophisticated hack that compromised its global email server. Today the accountancy firm giant Deloitte revealed that is has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients. According to The Guardian that first reported the incident, hackers may have accessed company […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

Security / September 28, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

Malware / September 28, 2025

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / September 28, 2025

Ohio’s Union County suffers ransomware attack impacting 45,000 people

Uncategorized / September 27, 2025

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

Hacking / September 27, 2025